Offensive Cybersecurity Engineer (VAPT)

Join Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), as a Cybersecurity Threat Risk Trainer. With over a decade of experience, ATS provides a robust suite of cybersecurity solutions, including infrastructure services, authentication, governance, and assurance services. In an increasingly complex digital landscape, we prioritize trust and collaboration to enhance security and mitigate cyber risks through partnerships with GovTech and various agencies.In this role, your expertise in threat risk modeling and vulnerability assessment penetration testing (VAPT) will be invaluable as you develop and deliver training workshops tailored for ICT officers. This position is contract-based until March 31, 2027.

Join our dynamic cybersecurity team at CSIT as a Cyber Threat Investigator. In this role, you will be instrumental in identifying, analyzing, and mitigating cyber threats to safeguard our organization. You will collaborate with various stakeholders to enhance our security posture and respond effectively to incidents.

Role PurposeAt Control Risks, our Digital Risks team leverages our extensive global presence and local expertise across 42 offices worldwide to empower our clients in navigating the dynamic threat landscape. We assist organizations in safeguarding their vital assets, effectively managing crises, and optimizing technology adoption for strategic advantage.The Principal will spearhead business development and consulting initiatives, enhancing our capabilities to assist senior stakeholders in addressing complex digital risk challenges. This role focuses on delivering impactful consulting results and supporting the growth of high-performing teams within the Digital Risks practice.Key ResponsibilitiesStrategic Advisory & Client Leadership• Act as a trusted advisor to senior executives and boards, offering strategic insights on digital risk, resilience, regulatory requirements, and emerging technology threats.• Simplify complex technical and risk concepts into actionable recommendations for non-technical audiences.• Lead the creation and presentation of executive briefings, strategic assessments, and transformation roadmaps aligned with clients’ long-term risk and security strategies.Digital Risk, Cybersecurity & Technology Advisory Delivery• Manage and guide intricate consulting projects focused on digital risk, cybersecurity, technology governance, and organizational resilience.• Oversee maturity assessments, control reviews, and risk analyses using recognized industry frameworks and regulatory models.• Deliver actionable, practical, and business-aligned recommendations to enhance clients’ risk management and resilience profiles.• Ensure high-quality standards and clarity in all deliverables through rigorous quality assurance and oversight.Regulatory, Governance & Compliance Advisory• Counsel clients on regional and global regulatory requirements concerning cybersecurity, data governance, technology operations, and third-party risk.• Collaborate with external specialists to integrate their expertise into comprehensive advisory solutions.Risk, Crisis & Incident Advisory Support• Provide senior-level support during digital incidents, investigations, or technology-related crises.• Employ crisis management principles, stakeholder communication strategies, and risk assessment methodologies to assist clients in navigating disruptive events.• Facilitate scenario planning, simulation exercises, and initiatives aimed at building resilience.Leadership of Consulting Engagements• Supervise multiple concurrent projects, ensuring consistent quality, methodological rigor, and high client satisfaction.• Lead project teams effectively to achieve strategic objectives.

Join CSIT as a Senior Cyber Threat Investigator where you will play a crucial role in safeguarding our digital assets. You will utilize advanced analytical skills and cutting-edge tools to identify, assess, and mitigate cyber threats. Collaborate with a dynamic team of experts to develop strategies that enhance our cybersecurity posture.

Drive the strategy and execution of responses to cybersecurity incidents, including malware infections, data breaches, and insider threats. Conduct both real-time and retrospective analyses of security events to effectively identify potential threats. Collaborate with MSSP Security Operations Centre (SOC) teams to enhance monitoring and alerting processes. Develop, document, and refine incident response plans and playbooks to ensure a robust response framework. Possess end-to-end expertise in managing incident responses. Engage in proactive threat hunting to discover unknown threats and vulnerabilities. Perform digital forensic investigations on compromised systems to uncover root causes and facilitate recovery. Utilize forensic tools to gather and analyze logs, memory dumps, and disk images effectively. Employ SIEM (Security Information and Event Management) tools to detect and address anomalous behavior within the network. Analyze logs from various security solutions, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and cloud security tools. Enhance detection capabilities through the tuning of security alerts and the formulation of new detection rules. Recommend and implement security controls to minimize exposure to potential threats. Provide technical guidance and leadership to junior incident responders and security analysts.

Join our dynamic and diverse team at NCS as a Security Analyst (Threat Hunter)! We are looking for individuals who are passionate about cybersecurity and eager to make a significant impact.If you thrive on challenges, aim for excellence, and have a desire to integrate people and technology in innovative ways, we invite you to connect with us!Your Contribution:Proactively conduct threat hunts to identify potential malicious activities and incidents using advanced threat detection tools such as Carbon Black EDR, CrowdStrike EDR, and Cortex XDR when needed.Formulate hunting hypotheses and execute threat hunting focused on IOCs and TTPs, delivering weekly reports to management with findings and recommendations for countermeasures (e.g., development of Monitoring Rules).Investigate various TTPs associated with Advanced Persistent Threat (APT) groups that employ sophisticated tactics during cyber attacks.Collaborate with technical teams and the threat intelligence unit to provide timely warnings and support predictive analyses of malicious behavior.Contribute to enhancing threat detection capabilities by tuning and developing use cases for security information and event monitoring systems (SIEM) and other security controls.Develop attack detection and response playbooks.Advise clients on various threat modeling methodologies.

We are seeking a dedicated and knowledgeable Cybersecurity Vulnerability Researcher specializing in Linux systems to bolster our cybersecurity team. In this role, you will be responsible for identifying, analyzing, and mitigating vulnerabilities within our Linux infrastructure. Your expertise will play a crucial role in ensuring the security and integrity of our systems against emerging threats.As part of our cybersecurity department, you will collaborate with a team of talented professionals to develop and implement proactive defense strategies. You will have the opportunity to conduct thorough research on cybersecurity vulnerabilities and contribute to the development of innovative solutions.

Join a prestigious global technology firm as an Intelligence Analyst, where you will play a critical role in providing first-line support for employee travel and events. You will engage in real-time monitoring, assist travelers, perform horizon scanning, and offer technical intelligence support. This position is pivotal in ensuring effective triage, escalation, and communication during evolving situations.As part of a dedicated global team, you will provide 24/7 coverage for our clients, which may require working on weekends and holidays based on the schedule established by the team.Key Responsibilities:Monitor travel-related developments affecting employees, including executives.Deliver first-line assistance to travelers and facilitate issue resolution.Coordinate secure transportation and vetted third-party vendors.Support pre-trip advisories, briefings, and connect with travelers.Assist with travel-related incidents and provide support for distressed travelers.Review upcoming events and prepare situational summaries, including geofencing, tactical intelligence, and weather assessments.Conduct targeted monitoring during event periods and escalate any concerns.Establish and manage mass-notification groups for events.Monitor real-time alerts, evaluate their relevance, and escalate according to established workflows.Draft concise alerts, situation updates, and rapid assessments.Provide on-demand support to internal intelligence teams.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reputable partner in the cybersecurity domain for over a decade. We provide an extensive range of services including infrastructure management, operational services, governance, assurance, and managed processes. In an ever-evolving digital landscape where trust and collaboration are paramount, ATS is committed to fostering secure environments through partnerships with GovTech, government agencies, and commercial stakeholders, effectively mitigating cyber risks and enhancing security frameworks.Key Responsibilities:GRC Leadership & Second Line of DefenceLead the governance of risk and compliance (GRC) within our team, shaping our approach to managing risks across various products and platforms.Function as the second line of defence for ICT risk and controls, providing an independent review of risk management, control design, and their effectiveness.Collaborate closely with the Product team to incorporate practical security measures and compliance protocols into daily operations.Security Plan Governance and AutomationOversee the governance and standards for Security Plan submissions across CIOO and product teams, ensuring templates, minimum evidence expectations, and quality benchmarks are maintained.Evaluate Security Plans and supporting documentation, assess control coverage and implementation maturity, and recommend approvals to stakeholders.Implement automation as an ongoing audit mechanism:Work with product and platform teams to establish automated checks for Security Plan evidence.Utilize automated checks to identify gaps, anomalies, and missing evidence, driving remediation efforts with product teams.Monitor and report on KPIs related to Security Plans, including control coverage, consistency, cycle times, and defect rates across CIOO and product teams.ICT Audit and Evidence ManagementDevelop, implement, and manage workflows for ICT audit, risk management, and findings reporting.Organize and maintain documentation and knowledge repositories as the definitive source for:ICT audit plans, scopes, and proceduresControl descriptions and standard evidence templatesCentralized repositories of audit evidence and Security Plan materialsPlan and conduct thematic and product-level ICT audits under the CISO’s guidance, independently verifying:Completion of required tasksReliability and sufficiency of evidence provided by product teams

NCS3 is hiring a Senior Manager, Cyber Risk & Compliance in Singapore. This position takes the lead in safeguarding client digital assets and ensuring compliance with industry regulations. Role overview The Senior Manager oversees risk management strategies and drives compliance initiatives. The focus is on protecting information systems while meeting regulatory requirements. What you will do Direct strategic risk assessments for client systems and business processes Create and improve compliance frameworks to align with regulatory standards Collaborate with teams throughout the organization to enhance cybersecurity practices

Join Adventus as an Associate Cybersecurity Engineer and play a vital role in protecting our information systems and networks. You will collaborate with a team of cybersecurity professionals to implement security measures, conduct vulnerability assessments, and respond to incidents, ensuring the integrity of our data and infrastructure.

Role overview Sopra Steria seeks a Cybersecurity Consultant based in Singapore. The role centers on supporting clients as they improve their digital security posture. Consultants assess client environments and deliver solutions that protect data and networks from current and emerging threats. Key responsibilities Engage with clients to identify and analyze their cybersecurity needs Develop and apply security measures tailored to each client’s situation Participate in projects focused on enhancing digital protection and managing new risks Help advance the team’s cybersecurity practices through ongoing contributions

Join Anchorage Digital as a member of our Global Risk Management team, specializing in Financial Risk. In this pivotal role, you will collaborate with cross-functional teams to identify, assess, and mitigate financial risks associated with our innovative digital asset platform.Your contributions will play a significant role in shaping our risk management framework, ensuring compliance with regulatory requirements while fostering a culture of risk awareness across the organization.

Hudson River Trading (HRT) is actively seeking a talented Risk Manager to enhance our team in Singapore. In this pivotal role, you will be tasked with the design, enhancement, management, and communication of market and liquidity risk across HRT’s diverse trading strategies during the bustling Asia market hours. Collaborating closely with our risk, trading, and business teams, you will oversee all facets of the firm’s trading risk, gaining invaluable experience in the dynamic landscape of automated trading alongside exceptionally skilled professionals.The Risk team is a vibrant and highly collaborative unit, providing you with a unique opportunity to make a significant impact on our successful and innovative businesses at HRT. This challenging position will require you to navigate a broad spectrum of trading styles and investment horizons.

Join ASM: Where Innovation Meets CollaborationWith over 55 years of pioneering advancements in technology, ASM is at the forefront of semiconductor innovation. Our diverse team of over 4,500 professionals from 70 nationalities is instrumental in shaping the future through groundbreaking developments in 5G, cloud computing, AI, and autonomous driving. At ASM, we believe that technology can drive positive change, and we are committed to diversity, inclusion, and sustainability. Our development programs are designed to nurture your growth and unleash your potential.Role OverviewAs a Senior Cybersecurity Analyst, you will play a vital role in fortifying ASM’s global digital infrastructure by integrating robust security measures into essential systems and strategic projects. Your collaborative approach will help establish resilient security capabilities that safeguard our people, technology, and operations, empowering ASM to innovate confidently in a rapidly evolving semiconductor sector where reliability and trust are paramount.Key ResponsibilitiesEngage in architectural and design discussions for new solutions and initiatives.Collaborate with cross-functional teams to embed effective security controls into systems and processes.Assist in security investigations, assessments, and remediation efforts.Develop, implement, and uphold IT governance, risk, and compliance (GRC) frameworks, standards, and policies.Conduct cybersecurity and compliance risk evaluations across various technologies and business domains.Ensure that security controls are functioning effectively and consistently across teams.Support gap assessments, internal audits, and external audits.Participate in vendor due diligence processes and manage vendor risks.Engage in disaster recovery and business continuity planning, including cyber drills and business impact assessments.Serve as a cybersecurity expert for global IT teams, business partners, vendors, and contractors.Align cybersecurity priorities with business objectives through stakeholder engagement.Work collaboratively across time zones, with a willingness to accommodate occasional after-hours meetings.Lead or support security enhancement initiatives in areas such as OT security, AI security, and supply chain security.

At AlixPartners, we tackle the most intricate and pressing challenges by swiftly transitioning from analysis to actionable solutions when it matters most, generating lasting value for businesses, their workforce, and the communities they impact. We prioritize understanding, respecting, and addressing the needs of our employees, clients, and communities, fostering an inclusive atmosphere. We firmly believe in the importance of diversity in enriching our experiences and are dedicated to the continuous improvement of our initiatives, policies, and practices. We hold ourselves accountable by cultivating an environment that promotes authenticity, growth, and equity for all.AlixPartners has adopted a hybrid work model designed to offer flexibility and support for our employees’ work-life balance. This model integrates both in-person engagements (at client sites or AlixPartners offices) and remote work. Travel is a component of this role, with the frequency depending on client requirements, team dynamics, and individual situations.What You’ll DoAs a Risk Advisory Intern at AlixPartners, you will be involved in diverse projects aimed at creating value and enhancing performance across various business life cycles. You will assist in high-stakes situations, working alongside seasoned professionals recognized for their expertise in dispute, risk, and compliance projects. Your contributions will be vital in driving measurable outcomes for our clients.Support consultants in executing projects related to disputes, risk management, and compliance.Collect, interpret, and analyze data using statistical methods.Conduct research and assist in project proposals and implementation.Fulfill additional duties as required.This role encompasses a variety of responsibilities that may evolve over time.

As an IT and Security Risk Officer at Adyen, you will play a pivotal role in safeguarding our technology and operations against potential risks. Your expertise will help shape our security strategies, ensuring a robust defense against evolving threats. You will collaborate with cross-functional teams to assess vulnerabilities, implement security measures, and foster a culture of risk awareness throughout the organization.

Join QCP Group, Asia's premier digital asset partner, as we empower clients to integrate digital assets into their investment portfolios seamlessly. We provide an extensive array of solutions, ranging from spot on/off ramping and fixed income strategies to vanilla options and customized exotic derivatives. Our mission is to be the most trusted partner in the digital asset market, offering innovative solutions that position digital assets as a core element of every portfolio, balance sheet, and treasury.Since our inception in 2017, we have recognized the transformative potential of digital assets in reshaping financial markets. Our team has adeptly navigated three market cycles, bridging the divide between institutional and crypto ecosystems. We are committed to building trusted partnerships, placing client success and care at the center of our operations.

Assurity Trusted Solutions (ATS), a subsidiary of the Government Technology Agency (GovTech), has been a reliable partner for over a decade, providing a comprehensive array of products and services. Our offerings include infrastructure and operational services, governance and assurance services, and managed processes. In the ever-evolving digital and cybersecurity landscape, where trust and collaboration are paramount, ATS is dedicated to achieving mutually beneficial outcomes by working closely with GovTech, various governmental agencies, and commercial partners to reduce cyber risks and enhance security measures.We invite skilled professionals to join our team as Cybersecurity Engineers, specifically those with a solid foundation in Security Operations (SecOps). Successful candidates will be employed under a direct contract until November 30, 2028.Key Responsibilities:Develop and uphold cybersecurity standards, procedures, configurations, and rules for systems and services as part of our dedicated team.Conduct security exercises, including table-top and simulation drills, to validate security procedures.Engage in security incident response, analyzing alerts, coordinating with system operators, identifying threats, and performing initial triaging before escalating to senior security responders.Coordinate Indicators-Of-Compromise (IOC) scanning and compile reports from various system operators to provide consolidated updates to stakeholders.Conduct vulnerability assessments using both automated and manual tools, and recommend actionable remediation strategies. Understand published vulnerabilities and their corresponding security patches in relation to deployed systems, and perform risk assessments.Monitor and communicate security patch releases for various products, and participate in security patch assessments using standards like the Common Vulnerability Scoring System (CVSS), contextualized within the deployed environment.Present findings and reports to stakeholders regarding vulnerability scans, security testing outcomes, security incidents, and the overall security posture of systems.